impl ConditionallyNegatable for BoxedUint (#795)

Author: dvdplm

src/traits.rs

@@ -930,7 +930,7 @@ pub trait Monty:
 /// Allows one to perform inplace multiplication without allocations
 /// (important for the `BoxedUint` case).
 ///
-/// NOTE: You will be operating with Montgomery represntations directly,
+/// NOTE: You will be operating with Montgomery representations directly,
 /// make sure they all correspond to the same set of parameters.
 pub trait MontyMultiplier<'a>: From<&'a <Self::Monty as Monty>::Params> {
     /// The associated Montgomery-representation integer.

src/uint/boxed/ct.rs

@@ -2,7 +2,7 @@
 
 use super::BoxedUint;
 use crate::{ConstantTimeSelect, Limb};
-use subtle::{Choice, ConditionallySelectable};
+use subtle::{Choice, ConditionallyNegatable, ConditionallySelectable};
 
 /// NOTE: can't impl `subtle`'s [`ConditionallySelectable`] trait due to its `Copy` bound
 impl ConstantTimeSelect for BoxedUint {
@@ -37,11 +37,18 @@ impl ConstantTimeSelect for BoxedUint {
     }
 }
 
+impl ConditionallyNegatable for BoxedUint {
+    #[inline]
+    fn conditional_negate(&mut self, choice: Choice) {
+        let self_neg = self.wrapping_neg();
+        self.ct_assign(&self_neg, choice)
+    }
+}
+
 #[cfg(test)]
 mod tests {
-    use super::BoxedUint;
-    use crate::ConstantTimeSelect;
-    use subtle::Choice;
+    use crate::{BoxedUint, ConstantTimeSelect};
+    use subtle::{Choice, ConditionallyNegatable};
 
     #[test]
     fn conditional_select() {
@@ -51,4 +58,17 @@ mod tests {
         assert_eq!(a, BoxedUint::ct_select(&a, &b, Choice::from(0)));
         assert_eq!(b, BoxedUint::ct_select(&a, &b, Choice::from(1)));
     }
+
+    #[test]
+    fn conditional_negate() {
+        let mut a = BoxedUint::from(123u64);
+        let control = a.clone();
+
+        a.conditional_negate(Choice::from(0));
+        assert_eq!(a, control);
+
+        a.conditional_negate(Choice::from(1));
+        assert_ne!(a, control);
+        assert_eq!(a, control.wrapping_neg());
+    }
 }